Lucene search
K

26 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-43418

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflect...

6.5CVSS4.9AI score0.00394EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-41678

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflect...

6.5CVSS4.9AI score0.00486EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-47759

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free Asset and IT management software package. An technician can upload a SVG containing a malicious script. The script will then be executed when any...

6.7CVSS5AI score0.00418EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-45609

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An unauthenticated...

6.5CVSS4.9AI score0.00333EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-45608

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. An authenticated user can perfom a SQL injection by changing its preferences. Upgrade to 10.0.17...

8.8CVSS5.2AI score0.00524EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-40638

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. An authenticated user can exploit multiple SQL injection vulnerabilities. One of them can be used to...

8.8CVSS5.1AI score0.36733EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-45610

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An...

6.5CVSS5AI score0.00333EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2024-43417

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflect...

6.5CVSS4.9AI score0.00353EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 8:6 a.m.9 views

CVE-2024-45609

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability located in the reports pages...

6.5CVSS6AI score0.00333EPSS
Exploits0References1
OSV
OSV
added 2024/11/15 9:15 p.m.1 views

UBUNTU-CVE-2024-45611

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated user can bypass the access control policy to create a private RSS feed attached to another user account and use a malicious payload t...

5.7CVSS5.8AI score0.00305EPSS
Exploits0References3
OSV
OSV
added 2024/11/15 8:16 p.m.12 views

CVE-2024-45611 GLPI has a stored XSS at src/RSSFeed.php

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated user can bypass the access control policy to create a private RSS feed attached to another user account and use a malicious payload t...

5.7CVSS4.5AI score0.00305EPSS
Exploits0References3
OSV
OSV
added 2024/11/15 8:15 p.m.11 views

UBUNTU-CVE-2024-45609

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability located in the reports pages...

6.5CVSS5.8AI score0.00333EPSS
Exploits0References3
OSV
OSV
added 2024/11/15 7:15 p.m.1 views

UBUNTU-CVE-2024-43418

GLPI is a free asset and IT management software package. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability. Upgrade to 10.0.17...

6.5CVSS5.8AI score0.00394EPSS
Exploits0References3
OSV
OSV
added 2024/11/15 7:15 p.m.3 views

UBUNTU-CVE-2024-45608

GLPI is a free asset and IT management software package. An authenticated user can perfom a SQL injection by changing its preferences. Upgrade to 10.0.17...

8.8CVSS5.9AI score0.00524EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/11/15 6:24 p.m.26 views

CVE-2024-45608 GLPI has an Authenticated SQL Injection

GLPI is a free asset and IT management software package. An authenticated user can perfom a SQL injection by changing its preferences. Upgrade to 10.0.17...

6.5CVSS7.7AI score0.00524EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/15 6:24 p.m.23 views

CVE-2024-45608 GLPI has an Authenticated SQL Injection

GLPI is a free asset and IT management software package. An authenticated user can perfom a SQL injection by changing its preferences. Upgrade to 10.0.17...

6.5CVSS0.00524EPSS
Exploits0References1
OSV
OSV
added 2024/11/15 6:24 p.m.25 views

CVE-2024-45608 GLPI has an Authenticated SQL Injection

GLPI is a free asset and IT management software package. An authenticated user can perfom a SQL injection by changing its preferences. Upgrade to 10.0.17...

6.5CVSS5.2AI score0.00524EPSS
Exploits0References3
OSV
OSV
added 2024/11/15 6:15 p.m.1 views

UBUNTU-CVE-2024-40638

GLPI is a free asset and IT management software package. An authenticated user can exploit multiple SQL injection vulnerabilities. One of them can be used to alter another user account data and take control of it. Upgrade to 10.0.17...

8.8CVSS5.8AI score0.36733EPSS
Exploits0References3
OSV
OSV
added 2024/11/15 6:15 p.m.1 views

UBUNTU-CVE-2024-41678

GLPI is a free asset and IT management software package. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability. Upgrade to 10.0.17...

6.5CVSS5.8AI score0.00486EPSS
Exploits0References3
OSV
OSV
added 2024/11/15 5:42 p.m.10 views

CVE-2024-47759 GLPI has a stored XSS via document upload

GLPI is a free Asset and IT management software package. An technician can upload a SVG containing a malicious script. The script will then be executed when any user will try to see the document contents. Upgrade to 10.0.17...

6.7CVSS4.7AI score0.00418EPSS
Exploits0References3
Rows per page
Query Builder